# tuned configuration
#==============================================================#
# File      :   vip-manager.yml
# Desc      :   bind a l2 vip to postgres cluster primary according to etcd
# Time      :   {{ '%Y-%m-%d %H:%M' |strftime }}
# Host      :   {{ nodename }} @ {{ inventory_hostname }}
# Path      :   /etc/default/vip-manager.yml
# Note      :   ANSIBLE MANAGED, CHANGE WITH CAUTIONS!
# Author    :   Ruohang Feng (rh@vonng.com)
# License   :   AGPLv3
#==============================================================#

# time (in milliseconds) after which vip-manager wakes up and checks if it needs to register or release ip addresses.
interval: 1000

# the etcd or consul key which vip-manager will regularly poll.
trigger-key: "{{ pg_namespace }}/{{ pg_cluster }}/leader"

# if the value of the above key matches the trigger-value (often the hostname of this host), vip-manager will try to add the virtual ip address to the interface specified in Iface
trigger-value: "{{ pg_cluster }}-{{ pg_seq }}"

# the virtual ip address to manage
ip: {{ vip_address }}

# netmask for the virtual ip
netmask: {{ vip_cidrmask }}

#interface to which the virtual ip will be added
interface: {{ vip_interface }}

# how the virtual ip should be managed. we currently support "ip addr add/remove" through shell commands or the Hetzner api
hosting-type: basic # possible values: basic, or hetzner.

# etcd or consul
dcs-type: etcd

# a list that contains all DCS endpoints to which vip-manager could talk.
dcs-endpoints:
{% for ip in groups['etcd']|sort %}
  - https://{{ ip }}:{{ etcd_port }}
{% endfor %}
# A single list-item is also fine.
# consul will always only use the first entry from this list.
# For consul, you'll obviously need to change the port to 8500.
# Unless you're using a different one. Maybe you're a rebel and are running consul on port 2379?
# Just to confuse people? Why would you do that? Oh, I get it.

# when etcd-ca-file is specified, TLS connections to the etcd endpoints will be used.
etcd-ca-file: "/etc/pki/ca.crt"

# when etcd-cert-file and etcd-key-file are specified, we will authenticate at the etcd endpoints using this certificate and key.
etcd-cert-file: "/pg/cert/server.crt"
etcd-key-file: "/pg/cert/server.key"

#etcd-user: "patroni"
#etcd-password: "Pigsty"

# don't worry about parameter with a prefix that doesn't match the endpoint_type. You can write anything there, I won't even look at it.
consul-token: "Pigsty"

# how often things should be retried and how long to wait between retries. (currently only affects arpClient)
retry-num: 2

#in milliseconds
retry-after: 250

# verbose logs (currently only supported for hetzner)
verbose: false
